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Memorandum SEP 3 0 2014 
Toi Bureau and Office Heads 
From: Sylvia Burns ~ 


Chief Information Officer and Senior Agency Official for Privacy 


Subject: Department of the Interior Privacy Impact Assessment Guide, DI-4001 PIA Form, 
and Adapted Privacy Impact Assessment 


This memorandum issues the attached Department of the Interior (DOI) Privacy Impact 
Assessment (PIA) Guide, DI-4001 PIA form, and Adapted PIA for agency-wide implementation. 
The attached DOI PIA Guide supersedes OCIO Bulletin 2002-015, “Privacy Impact Assessments 
for Department of the Interior Information Systems,” the DOI PIA Guide issued March 2004, 
and any other previously issued guidance on this topic. 


The DOI PIA Guide provides detailed guidance on identifying, evaluating and analyzing 
potential privacy risks associated with the development or use of information systems or 
applications pursuant to the E-Government Act of 2002, the Privacy Act of 1974, Office of 
Management and Budget privacy policies, National Institute of Standards and Technology 
guidelines, and other applicable privacy laws, regulations and standards. PIAs demonstrate that 
the agency has evaluated privacy risks and incorporated protections commensurate with those 
risks to protect personally identifiable information (PII) and ensure sufficient safeguards are in 
place for the privacy of personal information. PIAs also provide information to the public on 
what information agencies collect about them, how that information is used and shared, and any 
impact that collection and use may have on their personal privacy. All DOI PIAs conducted 
after the effective date of this memorandum must be completed in accordance with the attached 
DOI PIA Guide. 


The DI-4001 PIA form is an automated form with electronic signature capability, which allows 
for a streamlined PIA workflow and approval process, and an efficient method for conducting 
PIAs to ensure the protection and proper handling of PII during the information life cycle. The 
DI-4001 PIA form is available to all DOI personnel on the Enterprise Forms System (EFS) portal 
at https://eforms.doi.gov/, the Department’s enterprise-wide forms system. The DOI PIA Guide 
and the DOI Adapted PIA are available on the DOI PIA website at 


http://www.doi.gov/ocio/information_assurance/privacy/ppia.cfm. 


Bureaus and Offices must utilize the DI-4001 PIA form when conducting privacy assessments of 
any new or modified information systems, and the Adapted PIA for assessments of third-party 
websites or applications to ensure privacy implications are considered and appropriately 
addressed. Bureau and Office Privacy Officers are requested to disseminate the DOI PIA Guide 
to all Bureau and Office privacy personnel, Information System Owners and Privacy Act System 
Managers, and provide additional guidance as necessary. 


Please direct questions regarding the attached to Teri Barnett, Departmental Privacy Officer, at 
(202) 208-1943 or Teri_Barnett@ios.doi.gov, or your Bureau or Office Privacy Officer, whose 
contact information may be found at 


http://www.doi.gov/ocio/information_assurance/privacy/privacy-policy-contacts.cfm. 
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